Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130333a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3130333a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          uhToeqRR7NCOCYQh1y5admjaTrJCG7Xt/rBAmpp8l1I=
Subject key identifier:   A0:A0:96:75:66:01:D1:9A:A5:24:4E:D8:D8:C6:53:00:F8:29:0B:0B
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       6FC336944AF933C5287263DB1B7A965CC41302C2
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130333a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:49 +0000
ROA not before:           Mon 26 Sep 2022 07:56:49 +0000
ROA not after:            Mon 25 Sep 2023 08:01:49 +0000
asID:                     59282
IP address blocks:        2400:d680:103::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:c3:36:94:4a:f9:33:c5:28:72:63:db:1b:7a:96:5c:c4:13:02:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:49 2022 GMT
            Not After : Sep 25 08:01:49 2023 GMT
        Subject: CN=A0A096756601D19AA5244ED8D8C65300F8290B0B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:5c:3a:1c:6f:ac:4c:a3:10:31:74:da:8a:7f:
                    bd:df:32:cf:f8:3c:c4:e4:30:59:47:31:fa:e6:fa:
                    e1:fd:5d:09:33:0e:92:a7:5a:75:84:f0:a7:e0:b7:
                    97:d8:52:c0:66:a0:2e:ce:87:c8:aa:a0:56:36:55:
                    23:9a:38:fb:1c:1f:18:29:62:7c:08:0f:b1:ef:24:
                    3d:0b:27:6e:c3:62:09:fe:62:55:eb:14:dd:8e:ed:
                    a3:db:7f:12:db:0a:0d:dc:e5:b0:c9:e4:99:60:77:
                    ee:13:d0:0b:59:5f:25:0a:1f:b0:28:54:45:f8:5e:
                    de:5b:b2:67:cf:89:bf:c6:b9:09:16:51:7a:b3:e1:
                    0f:98:43:ae:6f:5b:65:d2:c2:cd:39:d8:1f:9d:e2:
                    bd:a8:ad:b9:aa:d1:65:28:55:20:e8:21:2b:cf:1e:
                    54:42:d5:59:72:a8:6b:60:6a:74:19:f5:9d:60:e9:
                    10:ff:ab:90:57:82:44:09:ef:02:2c:45:39:54:7d:
                    e8:bf:9f:e7:93:98:ee:e6:a4:8a:22:f9:5f:3a:09:
                    0b:aa:28:6a:08:f3:62:66:36:e1:87:fe:b7:48:2a:
                    b2:bd:cd:43:68:6a:18:eb:dd:5e:b5:4c:09:4e:3e:
                    0f:b0:26:e4:f5:45:d6:b8:ef:e9:e4:6b:34:11:9e:
                    da:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:A0:96:75:66:01:D1:9A:A5:24:4E:D8:D8:C6:53:00:F8:29:0B:0B
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130333a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:103::/48

    Signature Algorithm: sha256WithRSAEncryption
         af:c5:21:62:ca:3e:af:f1:b5:a2:f8:03:c0:35:72:fc:5c:3a:
         12:8c:e5:5c:c6:82:d7:24:1a:33:98:83:99:e2:a5:4b:fe:5a:
         ee:8a:7f:ab:36:2a:1b:51:2a:2c:bc:b3:ef:28:ff:86:db:8a:
         aa:8e:4c:22:1c:85:9e:e4:28:7c:89:c2:67:d5:c3:2c:cd:41:
         d8:e4:1a:dc:4f:7a:fd:a3:fb:ee:6d:32:11:37:4c:60:76:84:
         e0:80:28:c5:2d:3f:7b:cd:b0:da:73:c8:7a:05:89:c4:92:c6:
         e2:76:64:59:2c:3e:b4:88:5a:68:33:52:be:db:88:73:c1:2d:
         e8:f2:61:65:d1:3f:14:ce:91:b4:46:50:45:d1:ee:7b:6d:00:
         3b:65:4a:19:ea:75:f7:f6:6a:c5:8c:84:e9:33:3f:31:ca:7e:
         68:23:a6:58:06:e1:ae:17:fb:e4:6a:f4:36:d5:89:12:93:c3:
         71:a3:b6:76:c5:85:1a:b4:e7:a7:cc:f5:c7:78:e0:d0:ae:b0:
         34:90:84:fa:8e:91:91:a1:65:b6:62:92:40:ba:6b:b9:ac:fd:
         7a:44:71:ed:28:3b:52:c2:c9:66:02:68:74:29:5c:e3:fa:24:
         28:83:0a:ad:fd:1e:a1:83:d1:11:dd:27:ff:c1:aa:1f:4f:c2:
         a4:9c:24:f2
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUb8M2lEr5M8UocmPbG3qWXMQTAsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2NDlaFw0yMzA5MjUwODAxNDlaMDMxMTAvBgNV
BAMTKEEwQTA5Njc1NjYwMUQxOUFBNTI0NEVEOEQ4QzY1MzAwRjgyOTBCMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4XDocb6xMoxAxdNqKf73fMs/4
PMTkMFlHMfrm+uH9XQkzDpKnWnWE8Kfgt5fYUsBmoC7Oh8iqoFY2VSOaOPscHxgp
YnwID7HvJD0LJ27DYgn+YlXrFN2O7aPbfxLbCg3c5bDJ5Jlgd+4T0AtZXyUKH7Ao
VEX4Xt5bsmfPib/GuQkWUXqz4Q+YQ65vW2XSws052B+d4r2orbmq0WUoVSDoISvP
HlRC1VlyqGtganQZ9Z1g6RD/q5BXgkQJ7wIsRTlUfei/n+eTmO7mpIoi+V86CQuq
KGoI82JmNuGH/rdIKrK9zUNoahjr3V61TAlOPg+wJuT1Rda47+nkazQRntpLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUoKCWdWYB0ZqlJE7Y2MZTAPgpCwswHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMDMzM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
AzANBgkqhkiG9w0BAQsFAAOCAQEAr8UhYso+r/G1ovgDwDVy/Fw6EozlXMaC1yQa
M5iDmeKlS/5a7op/qzYqG1EqLLyz7yj/htuKqo5MIhyFnuQofInCZ9XDLM1B2OQa
3E96/aP77m0yETdMYHaE4IAoxS0/e82w2nPIegWJxJLG4nZkWSw+tIhaaDNSvtuI
c8Et6PJhZdE/FM6RtEZQRdHue20AO2VKGep19/ZqxYyE6TM/Mcp+aCOmWAbhrhf7
5Gr0NtWJEpPDcaO2dsWFGrTnp8z1x3jg0K6wNJCE+o6RkaFltmKSQLpruaz9ekRx
7Sg7UsLJZgJodClc4/okKIMKrf0eoYPREd0n/8GqH0/CpJwk8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org